HTML:RedirBA-inf [TRJ]

Today I am trying to load my forum and suddenly AVAST! block it saying "HTML:RedirBA-inf [TRJ] " could anyone tell me what is wrong with my forum?!?

http://z6.invisionfree.com/BlessedWings/index.php?http://s6.invisionfree.com/BlessedWings/index.php

Update the virus definitions, pls.

Do not want to create a new topic. But I have the same key problems. Avast was blocking my site with a notice that there is a virus, but other antivirus software did not find any virus on my site

Site address: www.magnum-blog.pp.ua

Maybe this is just another false alarm?

Technical support is silent on this issue, but for me it is important

If you already confirm this with

http://www.virustotal.com
http://virscan.org/

and other additional alternatives as jotti.org and sucuri.net among others

then you can:

_ report a false positive here:
http://www.avast.com/contact-form.php?loadStyles

_ send virus report or “possible FP /unconfirmed malware” or similar subjet to:
virus@avast.com

Why…???

Report 2011-09-19 11:11:57 (GMT 1)
Website magnum-blog.pp.ua
Domain Hash 10c12538e247ec8a04962c84aa8f6481
IP Address 78.47.94.244 [SCAN]
IP Hostname zoxt.sioru.com
IP Country DE (Germany)
AS Number 24940
AS Name HETZNER-AS Hetzner Online AG RZ
Detections 0 / 23 (0 %)
Status CLEAN

Report 2011-09-19 12:14:07 (GMT 1)
IP Address 78.47.94.244
IP Hostname zoxt.sioru.com
IP Country DE
AS Number N/A
AS Name N/A
Detections 0 / 26 (0 %)
Status CLEAN

I do not know how can this be, the site does not contain viruses. But avast still continues to block it.

He scolds partly on html tag

If you remove it, instead of the previous virus, he begins to see on the site HTML: Script-inf

How can this ever be?

See Reply #3. :wink:

can you post a screen shot of the avast warning ?

Sorry but at this point I do not have such an opportunity

Here it is.

Thank you.

Tell me, what was written in details?
You have a button “details” in the screen shot

  1. You’re welcome…!
  2. Nothing important. :wink:

I understand that nothing important. But for me it’s important.
It’s still my site

Why don’t you click on it yourself…???

Due to the fact that I have is a different antivirus

P.S: Sorry for my english

I see.
So ask the one who reported it to you to provide the link.
As mine is in German and wouldn’t help you much. :wink:

@Magnum,

If you can concentrate on sending this to Avast as a possible FP as instructed in reply #3, you could gain some time (instead of passively waiting for someone from Avast Team to see and read this topic).

The “details” (at least for now) is not specifically for “you” (your site), so that’s why is not that important.

If it is indeed a FP, then Avast will solve this and your friend (and everyone else that has Avast) will be able to get to your site without problems, but for that to happen as promptly as it can, you should probably report this as suggested.

These requests have already been sent to specialists avast.
This was done primarily

There is a packed obfuscated script file being loaded {gzip} with the home page (image 1), is this meant to happen ?

See image2 for an extract of the obfuscated file being loaded.

So I’m not sure this is a false positive, but it certainly needs investigation, I know you have said you reported it. But if you didn’t use the link in Reply #3 I would use that as that seems to have a faster response.

If you are reporting an FP, then you get another input field open, enter the web URL for the site you wish to submit for review (network shield and Web Shield), etc. a link to this topic might also help.

I still believe that this is a false alarm. because if we remove from the code page of the site:

and

avast no longer see the threat. So, what’s so wrong with these two lines?

If you scan the file avast lknlightbox.js on the path above. That virus is not there